Cyber Security
Atlassian has addressed a hardcoded credential flaw in Questions for Confluence and servlet filter bypasses in multiple other products. The Australian vendor of software development and...
Hi, what are you looking for?
Atlassian has addressed a hardcoded credential flaw in Questions for Confluence and servlet filter bypasses in multiple other products. The Australian vendor of software development and...
The Python Package Index (PyPI) is rolling out two-factor authentication (2FA) for “critical projects” in the form of physical security keys. Mindful of the growing threat...
Jira, Atlassian’s popular issue tracking and project management software, was vulnerable to a server-side request forgery (SSRF) flaw that researchers were able to abuse without obtaining...
The maintainers of Argo CD, the continuous delivery tool for Kubernetes, have patched a critical vulnerability that enabled attackers to forge JSON Web Tokens...
A critical vulnerability in Flux2, the continuous delivery (CD) tool for Kubernetes, can enable rogue tenants in multi-tenancy deployments to sabotage ‘neighbors’ using the same...
Enterprise IT personnel believe cybersecurity skills are their teams’ most important technical capabilities, according to a new report from the DevOps Institute. Ninety-two percent...
Tighter controls have been introduced to resolve a weakness in GitHub Actions that made it possible to circumvent code review safeguards. Omer Gil and...
The last year has seen a massive rise in the number of software supply chain attacks aimed at upstream public repositories, a new report has revealed....
Concern is growing within the infosec community that a breach at DevOps platform vendor Travis CI might run deeper than the firm has so far been...
WordPress has extended its Site Health interface for developers, allowing for greater visibility over potential security flaws. Version 5.8 of WordPress core, out today (July...